My favorites
▼
|
Sign in
gerrit
Gerrit Code Review
Project Home
Downloads
Wiki
Issues
Source
Export to GitHub
New issue
Search
Search within:
All issues
Open issues
New issues
Issues to verify
for
Advanced search
Search tips
Subscriptions
Issue
1743
attachment: 0002-Don-t-add-Authorization-Bearer-TOKEN-header-if-HTTP-.patch
(2.8 KB)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
From 086014e8dc4af9b19f1f437c8c38ff26d1d9e540 Mon Sep 17 00:00:00 2001
From: Aleksander Adamowski <aleksander.adamowski@gmail.com>
Date: Fri, 4 Jan 2013 03:23:44 +0100
Subject: [PATCH 2/2] Don't add "Authorization: Bearer TOKEN" header if HTTP
authentication type is employed. Fix for
http://code.google.com/p/gerrit/issues/detail?id=1743 .
Change-Id: I44596eef8e2ad0cf1f802512cd308362a8dcf147
---
.../src/main/java/com/google/gerrit/client/rpc/RestApi.java | 3 ++-
.../main/java/com/google/gerrit/httpd/CacheBasedWebSession.java | 4 ++++
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/gerrit-gwtui/src/main/java/com/google/gerrit/client/rpc/RestApi.java b/gerrit-gwtui/src/main/java/com/google/gerrit/client/rpc/RestApi.java
index d3c7000..ec806b7 100644
--- a/gerrit-gwtui/src/main/java/com/google/gerrit/client/rpc/RestApi.java
+++ b/gerrit-gwtui/src/main/java/com/google/gerrit/client/rpc/RestApi.java
@@ -21,6 +21,7 @@ import static com.google.gwt.http.client.RequestBuilder.PUT;
import com.google.gerrit.client.Gerrit;
import com.google.gerrit.client.RpcStatus;
+import com.google.gerrit.reviewdb.client.AuthType;
import com.google.gwt.core.client.GWT;
import com.google.gwt.core.client.JavaScriptObject;
import com.google.gwt.http.client.Request;
@@ -279,7 +280,7 @@ public class RestApi {
final AsyncCallback<T> cb) {
RequestBuilder req = new RequestBuilder(method, url.toString());
req.setHeader("Accept", JSON_TYPE);
- if (Gerrit.getAuthorization() != null) {
+ if (Gerrit.getConfig().getAuthType() != AuthType.HTTP && Gerrit.getAuthorization() != null) {
req.setHeader("Authorization", Gerrit.getAuthorization());
}
if (contentData != null) {
diff --git a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/CacheBasedWebSession.java b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/CacheBasedWebSession.java
index 88609ea..4155f25 100644
--- a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/CacheBasedWebSession.java
+++ b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/CacheBasedWebSession.java
@@ -21,6 +21,7 @@ import com.google.gerrit.httpd.WebSessionManager.Key;
import com.google.gerrit.httpd.WebSessionManager.Val;
import com.google.gerrit.reviewdb.client.Account;
import com.google.gerrit.reviewdb.client.AccountExternalId;
+import com.google.gerrit.reviewdb.client.AuthType;
import com.google.gerrit.server.AccessPath;
import com.google.gerrit.server.AnonymousUser;
import com.google.gerrit.server.CurrentUser;
@@ -97,6 +98,9 @@ public final class CacheBasedWebSession implements WebSession {
} else {
token = cookie;
}
+ if (authConfig.getAuthType() == AuthType.HTTP) {
+ okPaths.add(AccessPath.REST_API);
+ }
if (token != null) {
key = new Key(token);
--
1.7.10.4
Powered by
Google Project Hosting